Show simple item record

dc.contributor.authorSkinner, Geoffrey
dc.contributor.authorChang, Elizabeth
dc.identifier.citationSkinner, Geoff and Chang, Elizabeth. 2005. : PP-SDLC The privacy protecting systems development life cycle, in Milutinovic, V. (ed), IPSI Conference, Apr 23 2005. France: IPSI - Academic Mind.

Many new Privacy Laws and Regulations have placed an increased importance on the correct design and implementation of information systems. This is an attempt to preserve and protect user and information privacy. Incorporating privacy regulations and guidelines into an active information system is often unsuccessful and ineffective. In addition, systems that have already progressed through the development life cycle can very expensive to change once implemented. We propose the integration of privacy preservation methodologies and techniques into each phase of the system development life cycle (SDLC). This is to preserve the privacy of individuals and to protect PII (Personally Identifiable Information) data. The incorporation of IT Security measures in each SDLC phase is also discussed. This is due to its direct relevance and correlation with information system privacy issues. The proposed methodology involves identifying the privacy and security issues in each phase. From there appropriate privacy protecting and security techniques are applied to address these issues. Special mention is made of the recently proposed Common Criteria. The CC is an international standard for IT Security for Information Systems. Specifically, this paper will analyse the way the Common Criteria currently deals with privacy in information systems, and what is needed to improve its current inadequate handling of information privacy.

dc.publisherIPSI - Academic Mind
dc.subjectprivacy impact assessments
dc.subjectCommon Criteria
dc.subjectPrivacy Protection
dc.subjectPersonally Identifiable Information
dc.subjectInformation Privacy
dc.subjectSystems Development Life Cycle
dc.subjectinformation systems
dc.titlePP-SDLC The privacy protecting systems development life cycle
dc.typeConference Paper
dcterms.source.titleProceedings of the IPSI-2005 France
dcterms.source.seriesProceedings of the IPSI-2005 France
dcterms.source.conferenceIPSI Conference
dcterms.source.conference-start-dateApr 23 2005
curtin.departmentCentre for Extended Enterprises and Business Intelligence
curtin.accessStatusOpen access
curtin.facultyCurtin Business School
curtin.facultySchool of Information Systems

Files in this item


This item appears in the following Collection(s)

Show simple item record